Identification of susceptible websites from code injection attack

Hussein Alnabulsi, MD Rafiqul Islam

Research output: Book chapter/Published conference paperConference paperpeer-review

Abstract

The paper presents a framework methodology for identifying the real website is vulnerable to code injection attack, our proposed methodology gives a solution for thousands of websites to identify their vulnerability against code injection attacks, so it can help the administrator of the website by checking his own website and knows if it is vulnerable to code injection attacks. There are not too many researchers about this subject because most of the cyber security researchers are about detecting and protecting against the malware, the good thing in this research is that it can provide a self-checking protection for every website, so the administrator can know if his website needs to get more protection support against malware or if the anti-malware that the administrator is using for protection against code injection attack is enough. The framework that presented in this paper can do a code injection attacks such as SQL injection and XSS attacks by itself to check whether the website is vulnerable to code injection attack. The checking methodology is contained all ways that the attacker can do to success his code injection attack, so it gives a precision checking for the website whether is vulnerable against code injection attack or no. By this way, we can protect many of websites against hackers that using code injection attack to make damage such as stealing or deleting or altering important data from website systems.
Original languageEnglish
Title of host publicationProceedings of 1st International Conference on Machine Learning and Data Engineering, Sydney, Australia (2017)
PublisherGlobal Circle for Scientific, Technological and Management Research
Pages1-9
Number of pages9
ISBN (Electronic)9780648014737
Publication statusPublished - 2017
Event1st International Conference on Machine Learning and Data Engineering: iCMLDE 2017 - Western Sydney University, Parramatta, Sydney, Australia
Duration: 20 Nov 201722 Nov 2017
http://2017.icmlde.net.au/Home.aspx (Conference website)
http://2017.icmlde.net.au/Proceedings.aspx (Conference proceedings)

Conference

Conference1st International Conference on Machine Learning and Data Engineering
Country/TerritoryAustralia
CityParramatta, Sydney
Period20/11/1722/11/17
Other1st International Conference on Machine Learning and Data Engineering, Sydney, 2017 (iCMLDE 2017) will bring international and national experts in Artificial Intelligence, Computer Vision, Machine Learning and Data Engineering researcher to Sydney to present and share their latest research and practice. iCMLDE 2017 will be held in Sydney, which is one of the largest cities in Australia. The conference is supported by Global Circle for Scientific, Technological and Management Research (GCSTMR) and Science, Technology and Management Crest, Australia (STAMCA). GCSTMR endeavors to create a platform for young researchers to exchange ideas and share information with experts in their respective fields. GCSTMR encourages and facilitates trans-national collaborations among its members and associates in research, training and professional activities. Multidisciplinary international conference series run by GCSTMR open vast opportunities for researchers to interact on the global platform and take advantage of knowledge sharing in the digital arena.

iCMLDE 2017 will be held at Western Sydney University’s Parramatta campus, which is situated 20km from the Sydney CBD and is well connected by rail, road and ferry networks. The traditional landmarks of Sydney including Sydney Harbour, Sydney Opera House and Harbour Bridge are within easy reach of the conference venue as is the Blue Mountains World Heritage National Park.
Internet address

Fingerprint

Dive into the research topics of 'Identification of susceptible websites from code injection attack'. Together they form a unique fingerprint.

Cite this